/**
 * 
 */
package com.bobamrz.frontend;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.bobamrz.domain.UserDTO;

/**
 * @author Vladimir Morozov
 *
 */
public class SecuredSuperServlet extends SuperServlet {

	private static final long serialVersionUID = -1324702068813051820L;
	
	@Override
	protected void processGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
		boolean securityOk = checkSecurity(request, response);
		if(securityOk) {
			securedGet(request, response);
		}
	}
	
	@Override
	protected void processPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		boolean securityOk = checkSecurity(request, response);
		if(securityOk) {
			securedPost(request, response);
		}
	}
	
	protected void securedGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException{
		throw new UnsupportedOperationException();//default
	}
	
	protected void securedPost(HttpServletRequest req, HttpServletResponse resp){
		throw new UnsupportedOperationException();//default
	}
	
	private boolean checkSecurity(HttpServletRequest request, HttpServletResponse response) throws IOException {
		SecurityManager secMan = new SecurityManager();
		UserDTO user = secMan.getUser(request);
		if(user == null) {
			response.sendRedirect("login");
			return false;
		}
		request.setAttribute("username", user.getFirstname() + " " + user.getLastname());
		return true;
	}
	
	

}
